CVE-2026-5511: CWE-209 Generation of error message containing sensitive information in TP-Link Systems Inc. Archer AX72 (SG) v1.0
In the web management interface of Archer AX72 (SG) v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. An authenticated attacker with administrative privileges could exploit this issue to confirm the presence of the diagnostic utility and view its valid command-line syntax and options. The exposed information is limited in scope and does not include sensitive system data.
AI Analysis
Technical Summary
This vulnerability (CVE-2026-5511) affects the Archer AX72 (SG) v1.0 router from TP-Link Systems Inc. The network diagnostic feature in the device's web management interface improperly processes invalid user input, leading to the generation of error messages that reveal diagnostic command usage details. An attacker with administrative privileges can exploit this to confirm the presence of the diagnostic utility and learn its valid command-line syntax and options. The exposure is limited and does not disclose sensitive system information. The CVSS 4.0 base score is 4.6 (medium severity), reflecting local attack vector, low complexity, no user interaction, and limited confidentiality impact. No patch or official fix has been documented as of the publication date.
Potential Impact
The impact is limited to information disclosure of diagnostic command usage syntax and options. This does not include sensitive system data or credentials. The vulnerability requires administrative privileges, limiting the scope of potential attackers. There are no known exploits in the wild. The information disclosed could potentially aid an attacker in further reconnaissance but does not directly compromise system confidentiality, integrity, or availability.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or patch is documented, administrators should monitor TP-Link advisories for updates. Given the requirement for administrative privileges to exploit, restricting administrative access to trusted personnel and secure networks is recommended until a fix is available.
CVE-2026-5511: CWE-209 Generation of error message containing sensitive information in TP-Link Systems Inc. Archer AX72 (SG) v1.0
Description
In the web management interface of Archer AX72 (SG) v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. An authenticated attacker with administrative privileges could exploit this issue to confirm the presence of the diagnostic utility and view its valid command-line syntax and options. The exposed information is limited in scope and does not include sensitive system data.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2026-5511) affects the Archer AX72 (SG) v1.0 router from TP-Link Systems Inc. The network diagnostic feature in the device's web management interface improperly processes invalid user input, leading to the generation of error messages that reveal diagnostic command usage details. An attacker with administrative privileges can exploit this to confirm the presence of the diagnostic utility and learn its valid command-line syntax and options. The exposure is limited and does not disclose sensitive system information. The CVSS 4.0 base score is 4.6 (medium severity), reflecting local attack vector, low complexity, no user interaction, and limited confidentiality impact. No patch or official fix has been documented as of the publication date.
Potential Impact
The impact is limited to information disclosure of diagnostic command usage syntax and options. This does not include sensitive system data or credentials. The vulnerability requires administrative privileges, limiting the scope of potential attackers. There are no known exploits in the wild. The information disclosed could potentially aid an attacker in further reconnaissance but does not directly compromise system confidentiality, integrity, or availability.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or patch is documented, administrators should monitor TP-Link advisories for updates. Given the requirement for administrative privileges to exploit, restricting administrative access to trusted personnel and secure networks is recommended until a fix is available.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- TPLink
- Date Reserved
- 2026-04-03T17:31:05.618Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a0c9534ec166c07b0c548ef
Added to database: 5/19/2026, 4:52:04 PM
Last enriched: 5/19/2026, 5:06:57 PM
Last updated: 5/19/2026, 6:07:32 PM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.